According to Think With Google, over 50% of web traffic came from mobile phones. This was way back in 2016, when we reached a turning point in how we engaged with digital services. Naturally, a higher percentage of people are using the internet through their smartphones now. Cybersecurity has never been more important as more services move online every day.
Unfortunately, mobile phones and their users are prone to cybersecurity mishaps that can put handheld devices at high risk. Here are three factors that make phones cybersecurity weak spots.
Mobile Phones Are More Interconnected Than Ever
Since we use our smartphones for a lot of browsing, not to mention apps and services, it has quickly become the most interconnected device we own. Every online account, app, and contact is likely connected through your phone – it’s the central hub of your digital activity. This is becoming more common as interconnectivity between devices increases.
Making this issue worse is the lack of protections for mobile. For starters, a lot of people don’t have any anti-malware app on their smartphone. And while VPNs for mobile phones exist, most such services are tailored toward laptops and other portable devices. A VPN lets you choose where your IP is based, secures your connections by encrypting and routing them through a virtual tunnel.
Say, you live in Australia but want to access a website or watch content only available to American users, a service such as ExpressVPN would allow you to pick ExpressVPN US servers to view such geo-locked content. So VPNs go beyond mere providing security benefits to users. Unfortunately, this market is more active for desktop and laptop devices than mobile phones.
Let’s not forget public Wi-Fi. As your phone exposes itself to more entry points, the risk of bad actors being able to target your device increases. Many don’t take the usual precautions when using their mobile devices for browsing, especially when connecting to shared, public networks. A good practice is to remain alert and disable any forms of file-sharing or auto-connect.
The IoT Problem
Even if you take all precautions while browsing the web, our mobiles make connections that can be exploited in other ways. The Internet of Things (IoT) exemplifies this best, where smart appliances at work or home can be set to connect to your phone. Often enabled for convenience, these connections can be compromised and enable bad actors to get to your device.
The dream of IoT enthusiasts is that wireless networks of appliances can interact with minimal human input. But that lack of input means that security flaws can persist without being discovered by the device’s owners. IoT homes and workspaces are also reliant on the cloud, which again, represents yet another entry point that could be exploited. While servers are the most common target, cloud-based attacks keep growing rapidly.
The IoT isn’t just a mobile problem, of course. However, in the absence of commercially popular wearable tech, our mobile phones are the main way we control home automation and car connectivity features. As Infosecurity Magazine states, leaving aside mobile phones, IoT is a security challenge for smart cities too.
Ease Of Exposure/Human Error
Last but certainly not least, mobiles are uniquely prone to the kinds of exposure and human error that you can’t get with desktop devices. We touched on this in our point about interconnectivity. But we shouldn’t ignore more basic threats like losing your smartphone or having it stolen.
If a phone isn’t sufficiently protected, losing it can expose your entire network of digital accounts to bad actors. Fortunately, it’s possible to lock your SIM and remotely delete mobile data in such an event. It’s a last resort, and phone data can be backed up on the cloud. Of course, it’s important to remember that the cloud has security concerns and is yet another avenue through which hackers could find your data. The global average cost of a data breach in 2023 was USD 4.45 million. 82% of breaches involved data stored in the cloud, as per IBM.
Human error is responsible for the majority of all security breaches, and mobiles have only increased this risk. Many corporations and organizations identify the loss of company-owned devices as the main issue here – which mostly applies to work phones, tablets, and laptops.
Apart from the above factors, the constant evolution of sophisticated malware, outdated operating systems without the latest security patches and the prevalent use of third-party apps from unverified sources are some other key reasons for phones posing a security risk.